Hackers are exploiting a critical vulnerability that may be affecting hundreds of thousands of websites running WordPress.

The vulnerability lies in versions of the popular third-party plugin WordPress File Manager, which has been installed on over 700,000 websites.

WordPress File Manager bills itself as a tool to make it simple for webmasters to upload, edit, archive, and delete files and folders on their website’s backend.

But hackers have found a way to exploit versions 6.8 and earlier of WordPress File Manager to inject malicious code onto websites without authorisation, creating backdoors for future abuse.

As security researchers at NinTechNet describe, one interesting aspect of the attack is that the hackers inject code into the websites they compromise to password-protect access via the flaw, thus locking other hacking groups out of the same vulnerability.

WordPress security firm Wordfence says that it has blocked over 450,000 exploit attempts in the last several days.

“A file manager plugin like this would make it possible for an attacker to manipulate or upload any files of their choosing directly from the WordPress dashboard, potentially allowing them to escalate privileges once in the site’s admin area.”

“For example, an attacker could gain access to the admin area of the site using a compromised password, then access this plugin and upload a webshell to do further enumeration of the server and potentially escalate their attack using another exploit.”

The makers of WordPress File Manager issued an update (version 6.9) on September 1st that resolves the security issue, but hundreds of thousands of websites are still thought to be running out-of-date, vulnerable versions of the plugin.

It should go without saying that anyone running a website should be very selective about what third-party plugins they install, keep a keen eye on security updates, and apply them as necessary.

The latest versions of WordPress include the ability to automatically update third-party plugins such as WordPress File Manager when new releases are published, although this may not be a feature that is desirable on every website, for instance where plugin updates must be tested before they reach production.

If your website was compromised, you are advised to reinstall WordPress to clean up possibly infected core files, and to change the passwords for the database and for all users with administrator privileges. Note that reinstalling core files does not remove anything an attacker dropped elsewhere, such as a webshell in a plugin or uploads directory, so those locations need reviewing as well.
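The following script is an added example, not code from the original article or from the plugin's authors. It audits a WordPress install for a pre-6.9 copy of the plugin by reading the plugin's `Version:` header and comparing it numerically against 6.9, then offers the article's clean-up steps as a WP-CLI routine that only runs when called explicitly. The plugin directory (`wp-content/plugins/wp-file-manager`) and main file name (`file_folder_manager.php`) are assumptions not stated in the article; adjust them to match your install. The demo at the bottom runs against a constructed fixture, not a real site.

```shell
#!/bin/sh
# Added example, not code from the original article or from the plugin's authors.
# Audits a WordPress install for a pre-6.9 WordPress File Manager plugin and,
# on request, runs the clean-up steps the article recommends via WP-CLI.
#
# Assumptions (the article does not state these): the plugin lives in
# wp-content/plugins/wp-file-manager, its main file is file_folder_manager.php,
# and that file carries a standard "Version:" plugin header. Adjust if needed.

FIXED_VERSION="6.9"   # first release the article reports as patched
PLUGIN_REL_PATH="wp-content/plugins/wp-file-manager/file_folder_manager.php"  # assumed

# version_cmp A B: print -1, 0 or 1 for A <, =, > B, comparing dotted numeric
# fields so that 6.10 sorts after 6.9 (a plain string compare gets that wrong).
version_cmp() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ap="${a%%.*}"; bp="${b%%.*}"
        if [ "$ap" = "$a" ]; then a=""; else a="${a#*.}"; fi
        if [ "$bp" = "$b" ]; then b=""; else b="${b#*.}"; fi
        ap=$(printf '%s' "$ap" | tr -cd '0-9'); bp=$(printf '%s' "$bp" | tr -cd '0-9')
        ap="${ap:-0}"; bp="${bp:-0}"
        if [ "$ap" -lt "$bp" ]; then echo -1; return 0; fi
        if [ "$ap" -gt "$bp" ]; then echo 1; return 0; fi
    done
    echo 0
}

# plugin_version FILE: extract the "Version:" header value from a plugin's main file.
plugin_version() {
    sed -n 's/^[[:space:]]*[*]*[[:space:]]*Version:[[:space:]]*\([0-9][0-9.]*\).*/\1/p' "$1" | head -n 1
}

# check_file_manager WP_ROOT: print "absent", "unknown", "vulnerable <v>" or "patched <v>".
check_file_manager() {
    main="$1/$PLUGIN_REL_PATH"
    [ -f "$main" ] || { echo "absent"; return 0; }
    v=$(plugin_version "$main")
    [ -n "$v" ] || { echo "unknown"; return 0; }
    if [ "$(version_cmp "$v" "$FIXED_VERSION")" -lt 0 ]; then
        echo "vulnerable $v"
    else
        echo "patched $v"
    fi
}

# make_fixture DIR VERSION: build a constructed, minimal WordPress tree holding only
# the plugin header, so the audit can be exercised offline (sample data, not a real site).
make_fixture() {
    mkdir -p "$1/$(dirname "$PLUGIN_REL_PATH")"
    cat > "$1/$PLUGIN_REL_PATH" <<EOF
<?php
/*
Plugin Name: File Manager
Version: $2
*/
EOF
}

# remediate WP_ROOT: the article's clean-up steps driven by WP-CLI. Not run by the
# demo below; call it deliberately. Rotating the database password is done outside
# WP-CLI (MySQL grant plus wp-config.php), so it is only flagged here.
remediate() {
    command -v wp >/dev/null 2>&1 || { echo "wp-cli not found; skipping" >&2; return 2; }
    wp --path="$1" plugin update wp-file-manager          # move to 6.9 or later
    wp --path="$1" core download --force --skip-content   # reinstall core files only
    wp --path="$1" core verify-checksums                  # report core files still differing from wordpress.org
    for u in $(wp --path="$1" user list --role=administrator --field=user_login); do
        wp --path="$1" user reset-password "$u"           # new password for every administrator
    done
    echo "Remember to rotate the database password and update wp-config.php" >&2
}

# Stand-alone demo on a constructed fixture; a real run would pass your site's root.
demo_root=$(mktemp -d)
make_fixture "$demo_root" "6.8"
echo "audit result: $(check_file_manager "$demo_root")"   # audit result: vulnerable 6.8
rm -rf "$demo_root"
```

Point `check_file_manager` at a real document root to audit it; `wp plugin verify-checksums wp-file-manager` (WP-CLI 2.2 or later) additionally compares the plugin's files against the wordpress.org release, which is one way to spot files an attacker added inside the plugin directory after updating.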

*** This is a Security Bloggers Network syndicated blog from HOTforSecurity authored by Graham Cluley. Read the original post at: https://hotforsecurity.bitdefender.com/blog/wordpress-websites-attacked-via-file-manager-plugin-vulnerability-24048.html

Source: https://securityboulevard.com/2020/09/wordpress-websites-attacked-via-file-manager-plugin-vulnerability/
